]> git.proxmox.com Git - mirror_lxc.git/blame - src/lxc/monitor.c
projects / mirror_lxc.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
github: Update for main branch
[mirror_lxc.git] / src / lxc / monitor.c
CommitLineData
cc73685d 1/* SPDX-License-Identifier: LGPL-2.1+ */
e51d4895 2
1160ce89
CB		 3#include "config.h"
4
0ad19a3f 5#include <errno.h>
0ad19a3f 6#include <fcntl.h>
b45c7011 7#include <inttypes.h>
d38dd64a
CB		 8#include <net/if.h>
9#include <netinet/in.h>
292b1d17
CB		 10#include <poll.h>
11#include <stddef.h>
b45c7011 12#include <stdint.h>
292b1d17
CB		 13#include <stdio.h>
14#include <stdlib.h>
15#include <string.h>
0ad19a3f 16#include <sys/param.h>
0ad19a3f 17#include <sys/socket.h>
292b1d17
CB		 18#include <sys/stat.h>
19#include <sys/types.h>
e51d4895 20#include <sys/wait.h>
d38dd64a 21#include <unistd.h>
b113348e 22
31c53c2e 23#include "af_unix.h"
292b1d17 24#include "error.h"
f2363e38
ÇO		 25#include "log.h"
26#include "lxclock.h"
397a8d30 27#include "macro.h"
54b43e8f 28#include "memory_utils.h"
f2363e38 29#include "monitor.h"
292b1d17 30#include "state.h"
f2363e38 31#include "utils.h"
36eb9bde 32
34498dea 33#if !HAVE_STRLCPY
58db1a61 34#include "strlcpy.h"
9de31d5a
CB		 35#endif
36
ac2cecc4 37lxc_log_define(monitor, lxc);
0ad19a3f 38
e51d4895 39/* routines used by monitor publishers (containers) */
9e60f51d
DE		 40int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path, size_t fifo_path_sz,
41 int do_mkdirp)
42{
43 int ret;
44b9ae4b 44 char *rundir;
9e60f51d
DE		 45
46 rundir = get_rundir();
97a696c6
SG		 47 if (!rundir)
48 return -1;
49
9e60f51d 50 if (do_mkdirp) {
3ca3b230
CB		 51 ret = strnprintf(fifo_path, fifo_path_sz, "%s/lxc/%s", rundir, lxcpath);
52 if (ret < 0) {
6dd32d35 53 ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
44b9ae4b 54 free(rundir);
9e60f51d
DE		 55 return -1;
56 }
539c3977 57 ret = lxc_mkdir_p(fifo_path, 0755);
9e60f51d 58 if (ret < 0) {
47903908 59 ERROR("Unable to create monitor fifo directory %s", fifo_path);
44b9ae4b 60 free(rundir);
9e60f51d
DE		 61 return ret;
62 }
63 }
3ca3b230
CB		 64 ret = strnprintf(fifo_path, fifo_path_sz, "%s/lxc/%s/monitor-fifo", rundir, lxcpath);
65 if (ret < 0) {
6dd32d35 66 ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
44b9ae4b 67 free(rundir);
9e60f51d
DE		 68 return -1;
69 }
44b9ae4b 70 free(rundir);
9e60f51d
DE		 71 return 0;
72}
73
e51d4895 74static void lxc_monitor_fifo_send(struct lxc_msg *msg, const char *lxcpath)
0ad19a3f 75{
e51d4895
DE		 76 int fd,ret;
77 char fifo_path[PATH_MAX];
78
79 BUILD_BUG_ON(sizeof(*msg) > PIPE_BUF); /* write not guaranteed atomic */
9e60f51d
DE		 80
81 ret = lxc_monitor_fifo_name(lxcpath, fifo_path, sizeof(fifo_path), 0);
82 if (ret < 0)
9123e471 83 return;
80f41298 84
292b1d17
CB		 85 /* Open the fifo nonblock in case the monitor is dead, we don't want the
86 * open to wait for a reader since it may never come.
8bf1e61e 87 */
292b1d17 88 fd = open(fifo_path, O_WRONLY | O_NONBLOCK);
e51d4895 89 if (fd < 0) {
292b1d17
CB		 90 /* It is normal for this open() to fail with ENXIO when there is
91 * no monitor running, so we don't log it.
e51d4895 92 */
2469f9b6 93 if (errno == ENXIO || errno == ENOENT)
292b1d17
CB		 94 return;
95
a24c5678 96 SYSWARN("Failed to open fifo to send message");
31c53c2e 97 return;
e51d4895 98 }
0ad19a3f 99
92ffb6d8
DE		 100 if (fcntl(fd, F_SETFL, O_WRONLY) < 0) {
101 close(fd);
8bf1e61e 102 return;
92ffb6d8 103 }
8bf1e61e 104
802e609a 105 ret = lxc_write_nointr(fd, msg, sizeof(*msg));
e51d4895 106 if (ret != sizeof(*msg)) {
e8b9ac8f 107 close(fd);
6dd32d35 108 SYSERROR("Failed to write to monitor fifo \"%s\"", fifo_path);
e51d4895
DE		 109 return;
110 }
0ad19a3f 111
112 close(fd);
113}
114
292b1d17
CB		 115void lxc_monitor_send_state(const char *name, lxc_state_t state,
116 const char *lxcpath)
eae6543d 117{
292b1d17 118 struct lxc_msg msg = {.type = lxc_msg_state, .value = state};
eae6543d 119
9de31d5a 120 (void)strlcpy(msg.name, name, sizeof(msg.name));
e51d4895 121 lxc_monitor_fifo_send(&msg, lxcpath);
0ad19a3f 122}
123
292b1d17
CB		 124void lxc_monitor_send_exit_code(const char *name, int exit_code,
125 const char *lxcpath)
1787abca 126{
292b1d17 127 struct lxc_msg msg = {.type = lxc_msg_exit_code, .value = exit_code};
1787abca 128
9de31d5a 129 (void)strlcpy(msg.name, name, sizeof(msg.name));
1787abca
JTLB		 130 lxc_monitor_fifo_send(&msg, lxcpath);
131}
132
e51d4895
DE		 133/* routines used by monitor subscribers (lxc-monitor) */
134int lxc_monitor_close(int fd)
0ad19a3f 135{
dd1d77f9 136 return close(fd);
e51d4895
DE		 137}
138
fcaef9c7
CB		 139/* Enforces \0-termination for the abstract unix socket. This is not required
140 * but allows us to print it out.
141 *
142 * Older version of liblxc only allowed for 105 bytes to be used for the
143 * abstract unix domain socket name because the code for our abstract unix
144 * socket handling performed invalid checks. Since we \0-terminate we could now
145 * have a maximum of 106 chars. But to not break backwards compatibility we keep
146 * the limit at 105.
147 */
95e523c8 148int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr)
149{
2db56bd6 150 __do_free char *path = NULL;
e51d4895
DE		 151 size_t len;
152 int ret;
b45c7011 153 uint64_t hash;
e51d4895 154
b45c7011
DE		 155 /* addr.sun_path is only 108 bytes, so we hash the full name and
156 * then append as much of the name as we can fit.
9123e471 157 */
e51d4895
DE		 158 memset(addr, 0, sizeof(*addr));
159 addr->sun_family = AF_UNIX;
292b1d17 160
fcaef9c7 161 /* strlen("lxc/") + strlen("/monitor-sock") + 1 = 18 */
073135ba 162 len = strlen(lxcpath) + 18;
54b43e8f 163 path = must_realloc(NULL, len);
3ca3b230
CB		 164 ret = strnprintf(path, len, "lxc/%s/monitor-sock", lxcpath);
165 if (ret < 0) {
6dd32d35 166 ERROR("Failed to create name for monitor socket");
9e60f51d
DE		 167 return -1;
168 }
9e60f51d 169
3ca3b230 170 /* Note: strnprintf() will \0-terminate addr->sun_path on the 106th byte
fcaef9c7
CB		 171 * and so the abstract socket name has 105 "meaningful" characters. This
172 * is absolutely intentional. For further info read the comment for this
173 * function above!
174 */
073135ba 175 len = sizeof(addr->sun_path) - 1;
b45c7011 176 hash = fnv_64a_buf(path, ret, FNV1A_64_INIT);
3ca3b230 177 ret = strnprintf(addr->sun_path, len, "@lxc/%016" PRIx64 "/%s", hash, lxcpath);
fcaef9c7 178 if (ret < 0) {
6dd32d35 179 ERROR("Failed to create hashed name for monitor socket");
2f126499 180 goto on_error;
fcaef9c7 181 }
292b1d17 182
fcaef9c7
CB		 183 /* replace @ with \0 */
184 addr->sun_path[0] = '\0';
6dd32d35 185 INFO("Using monitor socket name \"%s\" (length of socket name %zu must be <= %zu)", &addr->sun_path[1], strlen(&addr->sun_path[1]), sizeof(addr->sun_path) - 3);
292b1d17 186
e51d4895 187 return 0;
2f126499 188
189on_error:
190 return -1;
e51d4895 191}
0ad19a3f 192
e51d4895
DE		 193int lxc_monitor_open(const char *lxcpath)
194{
195 struct sockaddr_un addr;
292b1d17
CB		 196 int fd;
197 size_t retry;
fcaef9c7 198 int backoff_ms[] = {10, 50, 100};
e51d4895
DE		 199
200 if (lxc_monitor_sock_name(lxcpath, &addr) < 0)
201 return -1;
202
2f126499 203 DEBUG("Opening monitor socket %s with len %zu", &addr.sun_path[1], strlen(&addr.sun_path[1]));
aae93dd3 204
292b1d17 205 for (retry = 0; retry < sizeof(backoff_ms) / sizeof(backoff_ms[0]); retry++) {
fcaef9c7 206 fd = lxc_abstract_unix_connect(addr.sun_path);
94bc08e9 207 if (fd != -1 || errno != ECONNREFUSED)
e51d4895 208 break;
6d1400b5 209
210 SYSERROR("Failed to connect to monitor socket. Retrying in %d ms", backoff_ms[retry]);
e51d4895 211 usleep(backoff_ms[retry] * 1000);
0ad19a3f 212 }
213
fcaef9c7 214 if (fd < 0) {
6d1400b5 215 SYSERROR("Failed to connect to monitor socket");
c8dcf778 216 return -1;
e51d4895 217 }
292b1d17 218
0ad19a3f 219 return fd;
220}
221
2366b8a7 222int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
8d06bd13 223 int timeout)
0ad19a3f 224{
2366b8a7 225 int ret;
0ad19a3f 226
2366b8a7 227 ret = poll(fds, nfds, timeout * 1000);
8d06bd13 228 if (ret == -1)
75b1e198 229 return -1;
8d06bd13 230 else if (ret == 0)
1a0e70ac 231 return -2; /* timed out */
8d06bd13 232
292b1d17
CB		 233 /* Only read from the first ready fd, the others will remain ready for
234 * when this routine is called again.
8d06bd13 235 */
d535a483 236 for (size_t i = 0; i < nfds; i++) {
2366b8a7
SH		 237 if (fds[i].revents != 0) {
238 fds[i].revents = 0;
239 ret = recv(fds[i].fd, msg, sizeof(*msg), 0);
8d06bd13 240 if (ret <= 0) {
b5be6a7c 241 SYSERROR("Failed to receive message. Did monitord die?");
8d06bd13
DE		 242 return -1;
243 }
244 return ret;
245 }
0ad19a3f 246 }
292b1d17 247
6dd32d35 248 SYSERROR("No ready fd found");
292b1d17 249
8d06bd13
DE		 250 return -1;
251}
252
253int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout)
254{
2366b8a7 255 struct pollfd fds;
8d06bd13 256
2366b8a7
SH		 257 fds.fd = fd;
258 fds.events = POLLIN | POLLPRI;
259 fds.revents = 0;
8d06bd13 260
2366b8a7 261 return lxc_monitor_read_fdset(&fds, 1, msg, timeout);
0ad19a3f 262}
263
72d0e1cb
SG		 264int lxc_monitor_read(int fd, struct lxc_msg *msg)
265{
266 return lxc_monitor_read_timeout(fd, msg, -1);
267}
268
45e854dc 269#define LXC_MONITORD_PATH LIBEXECDIR "/lxc/lxc-monitord"
e51d4895 270
292b1d17
CB		 271/* Used to spawn a monitord either on startup of a daemon container, or when
272 * lxc-monitor starts.
e51d4895
DE		 273 */
274int lxc_monitord_spawn(const char *lxcpath)
0ad19a3f 275{
487b14b6 276 int ret;
e51d4895 277 int pipefd[2];
397a8d30 278 char pipefd_str[INTTYPE_TO_STRLEN(int)];
487b14b6 279 pid_t pid1, pid2;
e51d4895 280
292b1d17 281 char *const args[] = {
457e3c5d 282 LXC_MONITORD_PATH,
283 (char *)lxcpath,
284 pipefd_str,
285 NULL,
e51d4895
DE		 286 };
287
288 /* double fork to avoid zombies when monitord exits */
289 pid1 = fork();
290 if (pid1 < 0) {
6dd32d35 291 SYSERROR("Failed to fork()");
e51d4895
DE		 292 return -1;
293 }
294
295 if (pid1) {
6dd32d35 296 DEBUG("Going to wait for pid %d", pid1);
457e3c5d 297
f2bbe86d
DE		 298 if (waitpid(pid1, NULL, 0) != pid1)
299 return -1;
457e3c5d 300
6dd32d35 301 DEBUG("Finished waiting on pid %d", pid1);
e51d4895
DE		 302 return 0;
303 }
304
305 if (pipe(pipefd) < 0) {
6dd32d35 306 SYSERROR("Failed to create pipe");
f15e4fd2 307 _exit(EXIT_FAILURE);
e51d4895
DE		 308 }
309
310 pid2 = fork();
311 if (pid2 < 0) {
6dd32d35 312 SYSERROR("Failed to fork()");
f15e4fd2 313 _exit(EXIT_FAILURE);
e51d4895 314 }
292b1d17 315
e51d4895 316 if (pid2) {
6dd32d35 317 DEBUG("Trying to sync with child process");
e51d4895 318 char c;
292b1d17 319 /* Wait for daemon to create socket. */
e51d4895 320 close(pipefd[1]);
292b1d17
CB		 321
322 /* Sync with child, we're ignoring the return from read
e51d4895
DE		 323 * because regardless if it works or not, either way we've
324 * synced with the child process. the if-empty-statement
325 * construct is to quiet the warn-unused-result warning.
326 */
d535a483 327 if (lxc_read_nointr(pipefd[0], &c, 1)) {
8f47bc3f 328 ;
d535a483 329 }
292b1d17 330
e51d4895 331 close(pipefd[0]);
292b1d17 332
6dd32d35 333 DEBUG("Successfully synced with child process");
f15e4fd2 334 _exit(EXIT_SUCCESS);
e51d4895
DE		 335 }
336
e51d4895 337 if (setsid() < 0) {
6dd32d35 338 SYSERROR("Failed to setsid()");
f15e4fd2 339 _exit(EXIT_FAILURE);
e51d4895 340 }
292b1d17 341
47a46cf1 342 lxc_check_inherited(NULL, true, &pipefd[1], 1);
aec1ea62 343 if (null_stdfds() < 0) {
6dd32d35 344 SYSERROR("Failed to dup2() standard file descriptors to /dev/null");
f15e4fd2 345 _exit(EXIT_FAILURE);
aec1ea62 346 }
292b1d17 347
e51d4895 348 close(pipefd[0]);
292b1d17 349
3ca3b230
CB		 350 ret = strnprintf(pipefd_str, sizeof(pipefd_str), "%d", pipefd[1]);
351 if (ret < 0) {
6dd32d35 352 ERROR("Failed to create pid argument to pass to monitord");
f15e4fd2 353 _exit(EXIT_FAILURE);
aec1ea62 354 }
487b14b6 355
6dd32d35 356 DEBUG("Using pipe file descriptor %d for monitord", pipefd[1]);
292b1d17 357
e51d4895 358 execvp(args[0], args);
6dd32d35 359 SYSERROR("Failed to exec lxc-monitord");
292b1d17 360
f15e4fd2 361 _exit(EXIT_FAILURE);
0ad19a3f 362}
LXC mirror